Research Paper on Cyber Security in Industry 4.0: The Pitfalls of Having Hyperconnected Systems - Programming
Start working on an individual research paper , This will be approximately 14 pages, single spaced. and at least 15 references. No more than 18\% can come up as plagiarized.Topic selection is Cyber Security in Industry 4.0: The Pitfalls of Having Hyperconnected Systems can be found at https://www.jstage.jst.go.jp/article/iasme/10/1/10_100103/_pdf. APA citation is the following. Dawson, M. (2018). Cyber Security in Industry 4.0: The Pitfalls of Having Hyperconnected Systems. Journal of Strategic Management Studies, 10(1), 19-28. Additional research topics may be provided. Final paper submission is to an academic journal.Include: No plagiarism should be APA formatted content should be unique references _100103.pdf Unformatted Attachment Preview Journal of Strategic Management Studies Vol. 10, No. 1, 19–28 (October 2018) doi: 10.24760/iasme.10.1_19 Cyber Security in Industry 4.0: The Pitfalls of Having Hyperconnected Systems MAURICE DAWSON Assistant Professor, School of Applied Technology, Illinois Institute of Technology Abstract The fourth industrial revolution is referred to as Industry 4.0. The current trend with manufacturing is automation and unparalleled levels of data exchange. To bring this trend to realization requires integrating the Internet of Things, Internet of Everything cyber-physical systems, cloud computing technologies, and more into manufacturing. Industry 4.0 involves a hyperconnected system that includes the smarter use of robotics to effectively and efficiently move to manufacture to new heights. With the use of all these technological systems, it is imperative to ensure that cyber security plays a role during the rise of this digital industrial revolution. In the United Kingdom, more than eighty manufacturing plants were hit by cyber attacks while threats in this specific industry have risen. The pitfalls of having hyperconnected systems leave an entire industry even more vulnerable than the traditional enterprise system design. Keywords: cyber security, risk management, internet of things, hyperconnectivity tion occurred in Britain over the century 1750–1850 (Deane, 1979). This was when the theory of economic development took root, and specialized activity for production for national and international markets rose. The Second Revolution is known as the technological revolution. This period was near the end of 19th century through the beginning of the 20th century. During this revolution, we received inventions such as airplanes, Henry Ford’s Model T, light bulb, and telegram. This period introduced mass production which has been altered by experts in supply chain and logistics today to equip manufacturing companies to produce to meet supply and demand. The Third Industrial Revolution was from 1969 to 2000. These three industrial revolutions are depicted in FIGURE 1. Manufacturing is undergoing another revolutionary change, and that is paving the way for systematical deployment of Cyber-Physical Systems (CPS) (Lee, Bagheri, & Kao, 2015). CPS is an integration of networking, physical processes, and embedded computers that are tightly integrated with the Internet. This change is known as the Fourth Industrial Revolution, and it does not arrive without cyber se- INTRODUCTION The landscape of manufacturing has changed, and this has allowed attackers unparalleled access to data unlike before. Nearly eighty-five participants in a survey reported falling victim to a cyber attack in the United Kingdom (U.K.) (Ambrose, 2018). The worry is that Russian hackers and other nation states are gaining entry into protected networks. Currently, there are well-documented attacks on Supervisory control and data acquisition (SCADA) systems throughout North America and Europe. A survey conducted by researchers shows the methods of operations, impact, and target sectors (Miller & Rowe, 2012). Essentially all incidents were classified with the following to include showing the year of the attack. Within the summary of incidents, you can see the earliest attack is 1982 on the Power of Siberia pipeline (Miller & Rowe, 2012). This shows that manufacturing has been a target for attackers for over two decades. To understand the current state of manufacturing, it is vital to understand the history of the previous industrial revolutions. The First Industrial RevoluCopyright © 2018 by International Academy of Strategic Management 19 Vol. 10, No. 1 (October 2018) Reprinted from Industry 4.0, by Wikipedia, June 30 2018, retrieved from https://en.wikipedia. org/wiki/Industry_4.0. Licensed under CC Attribution-ShareAlike License. FIGURE 1 Industrial Revolutions and that there is a market of $14.4 trillion. This white paper urges business leaders to transform their organizations based on key learnings to be competitive for the future (Evans, 2012). As this new wave of Internet-enabled technologies arrives, it is imperative to understand the security and privacy concerns fully (Thierer, 2015). Understanding these concerns also means understanding how to apply security controls to systems appropriately. Addressing security objectives appropriately will allow for risks to be mitigated. This means following the principles of security to ensure cyber security posture is achieved. All of these connected devices using proven standards, policies, and guidance can help with the ease of integrating these technologies into everyday life. Currently, there is a lack of guidance for securing IoT, Internet of Everything (IoE), and Web of Things (WoT) as a cohesive unit; however, there is appropriate documentation available through the National Institute of Standards and Technology (NIST), Federal Information Processing Systems (FIPS), Department of Defense (DoD), Institute of Electronic and Electrical Engineers (IEEE), International Organization for Standardization (ISO), Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), and more. It is essential for the security engineer to understand how to protect these devices individually and then understand how the devices become more vulnerable when con- curity with technological implementation. While technology is the United States (U.S.) has been years ahead of the laws providing protection and governance meanwhile the government are continuously playing catch up (March & Smith, 1995). Understanding the various technological architectures in this connected environments provides an insight into the issues surrounds this new revolution. INTERNET OF THINGS The Internet of Things (IoT) describes a world in which smart technologies enable objects with a network to communicate with each other and interface with humans effortlessly. This connected world of convenience and technology does not come without its drawbacks, as interconnectivity implies hackability. This new world of convenience calls for revolutionary protection strategies to reassess security. Risk management concepts and Information Assurance architecture similar to those practiced in the United States Department of Defense (DoD) should be used as guidelines for cyber security implementation. This new emerging market that is facilitating the exchange of services and goods requires understanding the associated laws for the implementation of an IoT architecture (Weber, 2010). Researchers at Cisco Systems estimate that over 99 percent of physical devices are still unconnected 20 Cyber Security in Industry 4.0: The Pitfalls of Having Hyperconnected Systems alerts for downtime. Having embedded OS allows for devices to be transformed for computing functionality beyond essential functions. This would include the ability to capture more data that allows for managers to see production status, gain insight on usage patterns, and from this data make decisions. A manager could make decisions that allow them to make decisions based upon product performance in the assembly line such as replacement or the need to add additional equipment. The data would include information such as Global Positioning Systems (GPS) tags that provide the exact location of equipment that needs to be further examined to review point of origination. FIGURE 2 displays how IoT looks in manufacturing and all the different situations where IoT can be applied. What is not displayed is the negative concerns around using IoT. Since all these systems are connected to so many other systems through Internet, Bluetooth, or another method of communication it is necessary to ensure the secure transmission of data. At the current time, there are a few documents that provides the guidance for securing the systems in the manufacturing environment. This is an issue as the industrial revolution is rapidly taking root in manufacturing. nected. Mobile devices would need to be hardened with appropriate security controls for compliance (Dawson, Wright, & Omar, 2015). Encryption would need to be on devices that have IoT capabilities such as refrigerators, televisions, or smart watches. This would allow the protection of data in transit and at rest. The recommended guidance would be to use an approved public algorithm and not a weak algorithm. The classification of weak and robust algorithm change over time thus it is essential to keep abreast of the changes in cartographic algorithms. Access controls would need to be placed to ensure that other users within the hyperconnected system to do not have the ability to elevate privileges through lateral movement within a network (Dawson, 2017). INTERNET OF THINGS IN MANUFACTURING IoT in manufacturing is part of this Industrial Revolution 4.0, and this concept has a significant impact. For the manufacturing plant, one can monitor production to apply lean principles for waste management while being able to see inventory changes in real time. The implementation of IoT allows for Built-In Test (BIT) alerts, maintenance Reprinted from Internet of Things (IoT), by Andrej Tozon, 2015, retrieved from https://www.slideshare.net/andrejt/ntk2015-internet-of-things-track-iot-smart-home. Licensed under CC Attribution-ShareAlike License. FIGURE 2 Internet of Things in Manufacturing 21 Vol. 10, No. 1 (October 2018) to IoT, WoT, and IoE with consideration for the application of these architectures in the commercial sector. All these architectures allow for hyperconnectivity while at the same time it is critical to understand the changing threat landscape (Badonnel, Koch, Pras, Drašar, & Stiller, 2016). When an organization allows BYOB being to be used in a manufacturing setting it must be realized that yet another device is going unchecked into the system, effects of various attacks such as Distributed Denial of Service (DDoS), replicating worms, and calculated virus that are activated based upon specific system configuration (Singh, 2012; Brooks, 2017). As the consequences of security problems ranging from personal injury to system downtime the need for secure environments (Chahid, Benabdellah, & Azizi, 2017). So having a manufacturing floor with multiple IoT devices means there are lots of data that can be captured with relative ease. With applications such as Wireshark, it is relatively easy to capture data on an unsecured network. Wireshark is a software application that not only a laptop but also a mobile device or RaspberryPi for penetration testing (Muniz & Lakhani, 2015). The amount of detailed captured through Wireshark is astounding and revealing much about the network (See FIGURE 3) . In FIGURE 4 displayed is 500,000 packets captured from one device on a network. Understanding the origination, destination, and types of network protocols are currently in use enable an attacker to know what to attack precisely. This scenario could also include knowing the destination as it could be used to develop man in the middle attacks. The data captured through a system can be revealing and help an attacker understand the attack surface in detail. Provided in network scans are the open ports and the closed ports, disabling, and identification of unpatched applications. This informs the attacker there was no system hardening done before the deployment of the system on the network and perhaps that the organization has a lack of security policies that address secure system configuration before going live (Creery & Byres, 2005). Secure computing is essential as technological environments continue to become intertwined and hyperconnected. The policies to properly secure these new environments must also be explored as many of the security controls found within guidance such as the DoD focuses on singular systems and components (Dawson, Crespo, & Brewster, 2013). There needs to be the creation of new controls that review embedded sensors, body modifications, and devices that entirely take advantage of Internet-enabled technologies. With the emergence of these technologies, the possibilities are endless; however, there will be new vulnerabilities unexplored. CYBER SECURITY ISSUES IN TECHNOLOGICAL DEVICES As the next era of computing will be outside of the traditional desktop and into embedded systems and smaller devices are targets for attacks (Gubbi, Buyya, Marusic, & Palaniswami, 2013). When you consider, Bring Your Own Device (BYOB) as a radical step, imagine using a device such as a refrigerator that contains an embedded computing device to track the number of groceries within. This integrated device would allow access to email, weather, and other devices that enable connectivity through WiFi, or some Application Programming Interface (API) to a web-based application. Thus, the data collected would be weather, thermostat cooling patterns, foods purchased, the cost of items per month, average consumption, and more. This massive amount of data provides the ability for an attacker to gather intelligence unlike before. They can see schedules which allow for them to analyze behavioral patterns view dietary concerns that affect health, and more than give information once though genuinely personal. At the moment, organizations such as Cisco Systems and others are pushing for WoT and IoT, but no one has a plan for ensuring secured transmission is maintained during various modes of operation. Additionally, the unknowing consumer of everyday products needs to be aware of what it means to have sensors, Radio Frequency IDentification (RFID), Bluetooth, and WiFi enabled products. What further needs be explored is how Availability, Integrity, and Confidentiality (AIC) can be applied 22 Cyber Security in Industry 4.0: The Pitfalls of Having Hyperconnected Systems FIGURE 3 Wireshark Capture FIGURE 4 Group-by Column: Protocol and Value Column: Destination cess (Aljawarneh, Alawneh, & Jaradat, 2017). Thus the implementation of policies, directives, and laws that systems undergo Certification and Accreditation (C&A) is mandatory. Implementing this allows for all these systems to be routinely checked and meet stringent initial cyber security controls before the system goes live. (Ross, 2009). Essentially the in- MANUFACTURING SYSTEMS CERTIFICATION AND ACCREDITATION For Industry 4.0 to survive, it is necessary to ensure security is being embedded into the system from the beginning of the lifecycle through a pro23 Vol. 10, No. 1 (October 2018) does not have ties to the organization undergoing the C&A process. This process should be more of a regulatory body that issues the letter for accreditation. Roles similar to that in the former framework, Department of Defense Information Assurance Certification and Accreditation Process (DIACAP), should be implemented (Eller & Stauffer, 2000). dustry would be required to implement a bare minimum of controls to protect the facility from physical controls. In 2011, NIST published a Guide to Industrial Control Systems (ISC) Security that provides a baseline for precisely this (Stouffer, Falco, & Scarfone, 2011). Contained in the document is how the overall environment should be set up to maximize cyber security to include specific recommendations for ICS. These documented guidelines would mitigate attacks that are against the process, risk assessment, risk management, and the overall systems development life cycle (Cárdenas et al., 2011). A framework such as the Risk Management Framework (RMF) should be used as a baseline to enable organizations to have already defined controls. This activity is possible as NIST 800-53 provides details about the RMF which is a framework created by the NIST to address risk management (NIST, 2013). The RMF uses the risk-based approach to security control selection and specification considering effectiveness, efficiency, and constraints due to applicable laws, directives, executive orders, policies, standards, or regulations. Six RMF categorization steps serve as the basis for this NIST guidance (NIST, 2013). Step 1: Categorize. The system is assessed and categorized based on an impact analysis. Step 2: Select. During the period the organization must identify, select, customize, and document the security and privacy controls required to protect the system and the organization commensurate with the risk to organizational operations and assets, individuals. These controls are to be addressed in the design and are a result of high-level requirements that are decomposed into lower level requirements. Step 3: Implement. During this step, the controls selected in step 2 are deployed within the system to include the associated environment of operation. Step 4: Assess. The controls implemented are assessed to see if they are working as intended, and that the desired outcome meets the security requirements for the system. Step 5: Authorize. Get authority for the system to operate based upon an acceptable decision upon the acceptable risk for the system. Step 6: Monitor. Continually assess the security control of the system on an ongoing basis. The process should include annual security checks to review compliance and reporting to a third party for compliance that CYBER THREATS AND INTELLIGENCE GATHERING With the potential threats of cyber terrorism affecting national and international security, the importance of security is elevated to greater heights (Dawson, Omar, & Abramson, 2015). New threats against national infrastructure and digital crime are making researchers consider new methods of handling cyber incidents (Dawson & Omar, 2015). It is imperative that if the government or commercial sectors want to make use of these new technological Internet and Web-enabled architectures that they are prepared to battle new threats. Countries could target the ability to manufacture products where it is for military or agriculture could significantly affect a country’s Gross Domestic Product (GDP). Imagine numerous factories used for producing foods for an area known to have a significant amount of federal employees. The food has the incorrect levels of nutrients and some items bypassing proper checks. An entire county could be sick due to tampering of equipment in a manufacturing center. If you consider more high tech items, this tampering could lead to essential checks not occurring in vehicle production that degrades the quality of the car. The lacks of quality controls in the automatic process would have dangerous results such as no checks on breaks, power steering, windows, and onboard system diagnostics (Atamli & Martin, 2014; Amoozadeh et al., 2015). The manufacturing floor could serve as a place that allows an attacker not only to gather critical data from devices but inflict damage of any of the products being produced. During the Stuxnet, attack operators thought the centrifuges were operating normally while the causing a meltdown and significantly slowing down the process of Uranium enrichment (Langner, 2011). The source code of this worm is available online and 24 Cyber Security in Industry 4.0: The Pitfalls of Having Hyperconnected Systems and tools used to collect the data. Earlier in this paper, the researcher showed half a million network packets captured in only 15 min using Wireshark. Data collection could be my means of OSINT, Signals Intelligence (SIGINT), or running an application to map out the network and vulnerabilities. The third stage, processing, and exploitation are performed with tools to automate the process. For the fourth stage, the use of the R programming language and Python could be used to perform data science on the massive amount of data collected to analyze data further. It can be everything from looking at the captured metadata on photos, analyzing machine behavior, and routing of information. In the final stage, dissemination, this cou ... Purchase answer to see full attachment
CATEGORIES
Economics Nursing Applied Sciences Psychology Science Management Computer Science Human Resource Management Accounting Information Systems English Anatomy Operations Management Sociology Literature Education Business & Finance Marketing Engineering Statistics Biology Political Science Reading History Financial markets Philosophy Mathematics Law Criminal Architecture and Design Government Social Science World history Chemistry Humanities Business Finance Writing Programming Telecommunications Engineering Geography Physics Spanish ach e. Embedded Entrepreneurship f. Three Social Entrepreneurship Models g. Social-Founder Identity h. Micros-enterprise Development Outcomes Subset 2. Indigenous Entrepreneurship Approaches (Outside of Canada) a. Indigenous Australian Entrepreneurs Exami Calculus (people influence of  others) processes that you perceived occurs in this specific Institution Select one of the forms of stratification highlighted (focus on inter the intersectionalities  of these three) to reflect and analyze the potential ways these ( American history Pharmacology Ancient history . Also Numerical analysis Environmental science Electrical Engineering Precalculus Physiology Civil Engineering Electronic Engineering ness Horizons Algebra Geology Physical chemistry nt When considering both O lassrooms Civil Probability ions Identify a specific consumer product that you or your family have used for quite some time. This might be a branded smartphone (if you have used several versions over the years) or the court to consider in its deliberations. Locard’s exchange principle argues that during the commission of a crime Chemical Engineering Ecology aragraphs (meaning 25 sentences or more). Your assignment may be more than 5 paragraphs but not less. INSTRUCTIONS:  To access the FNU Online Library for journals and articles you can go the FNU library link here:  https://www.fnu.edu/library/ In order to n that draws upon the theoretical reading to explain and contextualize the design choices. Be sure to directly quote or paraphrase the reading ce to the vaccine. Your campaign must educate and inform the audience on the benefits but also create for safe and open dialogue. A key metric of your campaign will be the direct increase in numbers.  Key outcomes: The approach that you take must be clear Mechanical Engineering Organic chemistry Geometry nment Topic You will need to pick one topic for your project (5 pts) Literature search You will need to perform a literature search for your topic Geophysics you been involved with a company doing a redesign of business processes Communication on Customer Relations. Discuss how two-way communication on social media channels impacts businesses both positively and negatively. Provide any personal examples from your experience od pressure and hypertension via a community-wide intervention that targets the problem across the lifespan (i.e. includes all ages). Develop a community-wide intervention to reduce elevated blood pressure and hypertension in the State of Alabama that in in body of the report Conclusions References (8 References Minimum) *** Words count = 2000 words. *** In-Text Citations and References using Harvard style. *** In Task section I’ve chose (Economic issues in overseas contracting)" Electromagnetism w or quality improvement; it was just all part of good nursing care.  The goal for quality improvement is to monitor patient outcomes using statistics for comparison to standards of care for different diseases e a 1 to 2 slide Microsoft PowerPoint presentation on the different models of case management.  Include speaker notes... .....Describe three different models of case management. visual representations of information. They can include numbers SSAY ame workbook for all 3 milestones. You do not need to download a new copy for Milestones 2 or 3. When you submit Milestone 3 pages): Provide a description of an existing intervention in Canada making the appropriate buying decisions in an ethical and professional manner. Topic: Purchasing and Technology You read about blockchain ledger technology. Now do some additional research out on the Internet and share your URL with the rest of the class be aware of which features their competitors are opting to include so the product development teams can design similar or enhanced features to attract more of the market. The more unique low (The Top Health Industry Trends to Watch in 2015) to assist you with this discussion.         https://youtu.be/fRym_jyuBc0 Next year the $2.8 trillion U.S. healthcare industry will   finally begin to look and feel more like the rest of the business wo evidence-based primary care curriculum. Throughout your nurse practitioner program Vignette Understanding Gender Fluidity Providing Inclusive Quality Care Affirming Clinical Encounters Conclusion References Nurse Practitioner Knowledge Mechanics and word limit is unit as a guide only. The assessment may be re-attempted on two further occasions (maximum three attempts in total). All assessments must be resubmitted 3 days within receiving your unsatisfactory grade. You must clearly indicate “Re-su Trigonometry Article writing Other 5. June 29 After the components sending to the manufacturing house 1. In 1972 the Furman v. Georgia case resulted in a decision that would put action into motion. Furman was originally sentenced to death because of a murder he committed in Georgia but the court debated whether or not this was a violation of his 8th amend One of the first conflicts that would need to be investigated would be whether the human service professional followed the responsibility to client ethical standard.  While developing a relationship with client it is important to clarify that if danger or Ethical behavior is a critical topic in the workplace because the impact of it can make or break a business No matter which type of health care organization With a direct sale During the pandemic Computers are being used to monitor the spread of outbreaks in different areas of the world and with this record 3. Furman v. Georgia is a U.S Supreme Court case that resolves around the Eighth Amendments ban on cruel and unsual punishment in death penalty cases. The Furman v. Georgia case was based on Furman being convicted of murder in Georgia. Furman was caught i One major ethical conflict that may arise in my investigation is the Responsibility to Client in both Standard 3 and Standard 4 of the Ethical Standards for Human Service Professionals (2015).  Making sure we do not disclose information without consent ev 4. Identify two examples of real world problems that you have observed in your personal Summary & Evaluation: Reference & 188. Academic Search Ultimate Ethics We can mention at least one example of how the violation of ethical standards can be prevented. Many organizations promote ethical self-regulation by creating moral codes to help direct their business activities *DDB is used for the first three years For example The inbound logistics for William Instrument refer to purchase components from various electronic firms. During the purchase process William need to consider the quality and price of the components. In this case 4. A U.S. Supreme Court case known as Furman v. Georgia (1972) is a landmark case that involved Eighth Amendment’s ban of unusual and cruel punishment in death penalty cases (Furman v. Georgia (1972) With covid coming into place In my opinion with Not necessarily all home buyers are the same! When you choose to work with we buy ugly houses Baltimore & nationwide USA The ability to view ourselves from an unbiased perspective allows us to critically assess our personal strengths and weaknesses. This is an important step in the process of finding the right resources for our personal learning style. Ego and pride can be · By Day 1 of this week While you must form your answers to the questions below from our assigned reading material CliftonLarsonAllen LLP (2013) 5 The family dynamic is awkward at first since the most outgoing and straight forward person in the family in Linda Urien The most important benefit of my statistical analysis would be the accuracy with which I interpret the data. The greatest obstacle From a similar but larger point of view 4 In order to get the entire family to come back for another session I would suggest coming in on a day the restaurant is not open When seeking to identify a patient’s health condition After viewing the you tube videos on prayer Your paper must be at least two pages in length (not counting the title and reference pages) The word assimilate is negative to me. I believe everyone should learn about a country that they are going to live in. It doesnt mean that they have to believe that everything in America is better than where they came from. It means that they care enough Data collection Single Subject Chris is a social worker in a geriatric case management program located in a midsize Northeastern town. She has an MSW and is part of a team of case managers that likes to continuously improve on its practice. The team is currently using an I would start off with Linda on repeating her options for the child and going over what she is feeling with each option.  I would want to find out what she is afraid of.  I would avoid asking her any “why” questions because I want her to be in the here an Summarize the advantages and disadvantages of using an Internet site as means of collecting data for psychological research (Comp 2.1) 25.0\% Summarization of the advantages and disadvantages of using an Internet site as means of collecting data for psych Identify the type of research used in a chosen study Compose a 1 Optics effect relationship becomes more difficult—as the researcher cannot enact total control of another person even in an experimental environment. Social workers serve clients in highly complex real-world environments. Clients often implement recommended inte I think knowing more about you will allow you to be able to choose the right resources Be 4 pages in length soft MB-920 dumps review and documentation and high-quality listing pdf MB-920 braindumps also recommended and approved by Microsoft experts. The practical test g One thing you will need to do in college is learn how to find and use references. References support your ideas. College-level work must be supported by research. You are expected to do that for this paper. You will research Elaborate on any potential confounds or ethical concerns while participating in the psychological study 20.0\% Elaboration on any potential confounds or ethical concerns while participating in the psychological study is missing. Elaboration on any potenti 3 The first thing I would do in the family’s first session is develop a genogram of the family to get an idea of all the individuals who play a major role in Linda’s life. After establishing where each member is in relation to the family A Health in All Policies approach Note: The requirements outlined below correspond to the grading criteria in the scoring guide. At a minimum Chen Read Connecting Communities and Complexity: A Case Study in Creating the Conditions for Transformational Change Read Reflections on Cultural Humility Read A Basic Guide to ABCD Community Organizing Use the bolded black section and sub-section titles below to organize your paper. For each section Losinski forwarded the article on a priority basis to Mary Scott Losinksi wanted details on use of the ED at CGH. He asked the administrative resident